tags:

views:

1017

answers:

3
+3  Q: 

Refused to execute a JavaScript script. Source code of script found within request.

In WebKit I get the following error on my JavaScript:

Refused to execute a JavaScript script. Source code of script found within request.

The code is for a JavaScript spinners, see ASCII Art.

The code used to be working OK, and is still working correct in Camino and Firefox. The error only seems to be thrown when the page is saved via a POST and then retrieved via a GET. It both happens in Chrome/Mac and Safari/Mac.

Anyone knows what this mean, and how to fix this?

+4  A: 

It's a security measure to prevent XSS (cross-site scripting) attacks.

Greg  2009-10-10 13:03:28
It would be nice to see some kind of reference.
kangax  2009-10-11 06:31:58
+2  A: 

Do you have an example of a page that generates the error? I'm one of the developers of the XSS filter and I'd like to see if we can eliminate this false positive. Thanks.

Adam Barth  2009-10-10 21:00:03
Just click "ASCII Art" in the question.
doekman  2009-10-11 13:16:19
@Adam: Is this the filter you're talking about? http://lists.macosforge.org/pipermail/webkit-dev/2008-December/006033.html
doekman  2009-10-11 13:58:01
Looks like we fixed this when we made the filter a bit tighter to reduce the false positives. Thanks for the feedback!
Adam Barth  2009-10-12 21:57:06
Not 100%. I just saved the page in Chrome/Mac, and I got the afore mentioned error message. It seems only to happen when the page is saved and retrieved with a post (or a get after post, I can't see that right now). @Adam: does this ring a bell?
doekman  2009-10-14 19:23:40
A: 

Same error coming up here with the latest version of Chrome: https://wave.google.com/wave/#restored%3Awave%3Agooglewave.com!w%252BLby6vkE9A.1

Is this the same error?

Kirk  2009-11-16 17:37:36

related questions

What JavaScript patterns do you use most?
Javascript events
What style do you use for creating an "class" in JavaScript?
Graphing JavaScript Library
What's the difference in closure style
Getting the text from a drop-down box
How to specify javascript to run when ModalPopupExtender is shown
Length of Javascript Associative Array
How Do I Post and then redirect to an external URL from ASP.Net?
How to set up a CSS switcher in ASP.NET
Wrapping lists into columns
Javascript keyboard events primer? (or rather: help me with my custom dropdown)
Http Auth in a Firefox 3 bookmarklet
Best Debugging Tools for JavaScript/xulrunner Development
How can I turn a string of HTML into a DOM object in a Firefox extension?
Call ASP.NET Function From Javascript?
Javascript troubleshooting tools in IE
MAC addresses in JavaScript
Capturing TAB key in text box
CSS Background Color in Javascript
How can I make the browser see CSS and Javascript changes?
Triple Quotes? How do I delimit a databound Javascript string parameter in ASP.NET?
ASP .Net Custom Client-Side Validation
What JavaScript library would you choose for a new project and why?
Detecting font in JavaScript